r8conf2016/login.php
print_login accesses the super-global variable $_SESSION. Open
Open
function print_login(){
$error_message = "";
if (!isset($_GET['continue'])) {
}
if(isset($_GET['continue'])){- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
process_login accesses the super-global variable $_POST. Open
Open
function process_login(){
require_once ('../mysql_access.php');
$email = addslashes($_POST["email"]);
$password = addslashes($_POST["password"]);
$hasher = new PasswordHash(8, true);- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
process_login accesses the super-global variable $_POST. Open
Open
function process_login(){
require_once ('../mysql_access.php');
$email = addslashes($_POST["email"]);
$password = addslashes($_POST["password"]);
$hasher = new PasswordHash(8, true);- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
print_login accesses the super-global variable $_GET. Open
Open
function print_login(){
$error_message = "";
if (!isset($_GET['continue'])) {
}
if(isset($_GET['continue'])){- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
print_login accesses the super-global variable $_SERVER. Open
Open
function print_login(){
$error_message = "";
if (!isset($_GET['continue'])) {
}
if(isset($_GET['continue'])){- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
print_login accesses the super-global variable $_SESSION. Open
Open
function print_login(){
$error_message = "";
if (!isset($_GET['continue'])) {
}
if(isset($_GET['continue'])){- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
print_login accesses the super-global variable $_GET. Open
Open
function print_login(){
$error_message = "";
if (!isset($_GET['continue'])) {
}
if(isset($_GET['continue'])){- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
process_login accesses the super-global variable $_SESSION. Open
Open
function process_login(){
require_once ('../mysql_access.php');
$email = addslashes($_POST["email"]);
$password = addslashes($_POST["password"]);
$hasher = new PasswordHash(8, true);- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
print_login accesses the super-global variable $_SESSION. Open
Open
function print_login(){
$error_message = "";
if (!isset($_GET['continue'])) {
}
if(isset($_GET['continue'])){- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
print_login accesses the super-global variable $_GET. Open
Open
function print_login(){
$error_message = "";
if (!isset($_GET['continue'])) {
}
if(isset($_GET['continue'])){- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
print_login accesses the super-global variable $_SESSION. Open
Open
function print_login(){
$error_message = "";
if (!isset($_GET['continue'])) {
}
if(isset($_GET['continue'])){- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
print_login accesses the super-global variable $_SESSION. Open
Open
function print_login(){
$error_message = "";
if (!isset($_GET['continue'])) {
}
if(isset($_GET['continue'])){- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
process_login accesses the super-global variable $_POST. Open
Open
function process_login(){
require_once ('../mysql_access.php');
$email = addslashes($_POST["email"]);
$password = addslashes($_POST["password"]);
$hasher = new PasswordHash(8, true);- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
logout accesses the super-global variable $_SESSION. Open
Open
function logout(){
unset($_SESSION['sessionConfID']);
}- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
Method process_login has 46 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
function process_login(){
require_once ('../mysql_access.php');
$email = addslashes($_POST["email"]);
$password = addslashes($_POST["password"]);
$hasher = new PasswordHash(8, true);Function process_login has a Cognitive Complexity of 14 (exceeds 5 allowed). Consider refactoring. Open
Open
function process_login(){
require_once ('../mysql_access.php');
$email = addslashes($_POST["email"]);
$password = addslashes($_POST["password"]);
$hasher = new PasswordHash(8, true);- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method print_login has 31 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
function print_login(){
$error_message = "";
if (!isset($_GET['continue'])) {
}
if(isset($_GET['continue'])){The function process_login() has a Cyclomatic Complexity of 10. The configured cyclomatic complexity threshold is 10. Open
Open
function process_login(){
require_once ('../mysql_access.php');
$email = addslashes($_POST["email"]);
$password = addslashes($_POST["password"]);
$hasher = new PasswordHash(8, true);- Read upRead up
- Exclude checks
CyclomaticComplexity
Since: 0.1
Complexity is determined by the number of decision points in a method plus one for the method entry. The decision points are 'if', 'while', 'for', and 'case labels'. Generally, 1-4 is low complexity, 5-7 indicates moderate complexity, 8-10 is high complexity, and 11+ is very high complexity.
Example
// Cyclomatic Complexity = 11
class Foo {
1 public function example() {
2 if ($a == $b) {
3 if ($a1 == $b1) {
fiddle();
4 } elseif ($a2 == $b2) {
fiddle();
} else {
fiddle();
}
5 } elseif ($c == $d) {
6 while ($c == $d) {
fiddle();
}
7 } elseif ($e == $f) {
8 for ($n = 0; $n < $h; $n++) {
fiddle();
}
} else {
switch ($z) {
9 case 1:
fiddle();
break;
10 case 2:
fiddle();
break;
11 case 3:
fiddle();
break;
default:
fiddle();
break;
}
}
}
}Source https://phpmd.org/rules/codesize.html#cyclomaticcomplexity
Avoid using undefined variables such as '$db' which will lead to PHP notices. Open
Open
($stmt = $db->prepare('select password from conf_contact_information where email=?'));- Read upRead up
- Exclude checks
UndefinedVariable
Since: 2.8.0
Detects when a variable is used that has not been defined before.
Example
class Foo
{
private function bar()
{
// $message is undefined
echo $message;
}
}Source https://phpmd.org/rules/cleancode.html#undefinedvariable
Avoid using undefined variables such as '$db' which will lead to PHP notices. Open
Open
if (!$stmt->fetch() && $db->errno);- Read upRead up
- Exclude checks
UndefinedVariable
Since: 2.8.0
Detects when a variable is used that has not been defined before.
Example
class Foo
{
private function bar()
{
// $message is undefined
echo $message;
}
}Source https://phpmd.org/rules/cleancode.html#undefinedvariable
Avoid using undefined variables such as '$id' which will lead to PHP notices. Open
Open
$_SESSION['sessionConfID'] = $id;- Read upRead up
- Exclude checks
UndefinedVariable
Since: 2.8.0
Detects when a variable is used that has not been defined before.
Example
class Foo
{
private function bar()
{
// $message is undefined
echo $message;
}
}Source https://phpmd.org/rules/cleancode.html#undefinedvariable
Avoid using undefined variables such as '$db' which will lead to PHP notices. Open
Open
$query = $db->query($select) or die("Unable to get data. $db->error");- Read upRead up
- Exclude checks
UndefinedVariable
Since: 2.8.0
Detects when a variable is used that has not been defined before.
Example
class Foo
{
private function bar()
{
// $message is undefined
echo $message;
}
}Source https://phpmd.org/rules/cleancode.html#undefinedvariable
Avoid using undefined variables such as '$db' which will lead to PHP notices. Open
Open
$query = $db->query($select) or die("Unable to get data. $db->error");- Read upRead up
- Exclude checks
UndefinedVariable
Since: 2.8.0
Detects when a variable is used that has not been defined before.
Example
class Foo
{
private function bar()
{
// $message is undefined
echo $message;
}
}Source https://phpmd.org/rules/cleancode.html#undefinedvariable
Avoid using undefined variables such as '$lastname' which will lead to PHP notices. Open
Open
WHERE `lastname` = '".$lastname."'- Read upRead up
- Exclude checks
UndefinedVariable
Since: 2.8.0
Detects when a variable is used that has not been defined before.
Example
class Foo
{
private function bar()
{
// $message is undefined
echo $message;
}
}Source https://phpmd.org/rules/cleancode.html#undefinedvariable
Avoid using undefined variables such as '$firstname' which will lead to PHP notices. Open
Open
AND `firstname` = '".$firstname."'- Read upRead up
- Exclude checks
UndefinedVariable
Since: 2.8.0
Detects when a variable is used that has not been defined before.
Example
class Foo
{
private function bar()
{
// $message is undefined
echo $message;
}
}Source https://phpmd.org/rules/cleancode.html#undefinedvariable
Avoid using undefined variables such as '$db' which will lead to PHP notices. Open
Open
$result = $db->query($sql);- Read upRead up
- Exclude checks
UndefinedVariable
Since: 2.8.0
Detects when a variable is used that has not been defined before.
Example
class Foo
{
private function bar()
{
// $message is undefined
echo $message;
}
}Source https://phpmd.org/rules/cleancode.html#undefinedvariable
Missing class import via use statement (line '62', column '16'). Open
Open
$hasher = new PasswordHash(8, true);- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}Source http://phpmd.org/rules/cleancode.html#MissingImport
The method process_login uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
Open
else {
$r = NULL;
$hash = '*'; // In case the user is not found
($stmt = $db->prepare('select password from conf_contact_information where email=?'));
$stmt->bind_param('s', $email);- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}Source https://phpmd.org/rules/cleancode.html#elseexpression
The method process_login uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
Open
} else {
extract($r);
$_SESSION['sessionConfID'] = $id;
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}Source https://phpmd.org/rules/cleancode.html#elseexpression
The method process_login uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
Open
} else {
$what = 'Authentication failed. Please try again.';
}- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}Source https://phpmd.org/rules/cleancode.html#elseexpression
The function process_login() contains an exit expression. Open
Open
$query = $db->query($select) or die("Unable to get data. $db->error");- Read upRead up
- Exclude checks
ExitExpression
Since: 0.2
An exit-expression within regular code is untestable and therefore it should be avoided. Consider to move the exit-expression into some kind of startup script where an error/exception code is returned to the calling environment.
Example
class Foo {
public function bar($param) {
if ($param === 42) {
exit(23);
}
}
}Source https://phpmd.org/rules/design.html#exitexpression
Avoid unused local variables such as '$lastname'. Open
Open
WHERE `lastname` = '".$lastname."'- Read upRead up
- Exclude checks
UnusedLocalVariable
Since: 0.2
Detects when a local variable is declared and/or assigned, but not used.
Example
class Foo {
public function doSomething()
{
$i = 5; // Unused
}
}Source https://phpmd.org/rules/unusedcode.html#unusedlocalvariable
Avoid unused local variables such as '$error_message'. Open
Open
$error_message = "";- Read upRead up
- Exclude checks
UnusedLocalVariable
Since: 0.2
Detects when a local variable is declared and/or assigned, but not used.
Example
class Foo {
public function doSomething()
{
$i = 5; // Unused
}
}Source https://phpmd.org/rules/unusedcode.html#unusedlocalvariable
Avoid unused local variables such as '$firstname'. Open
Open
AND `firstname` = '".$firstname."'- Read upRead up
- Exclude checks
UnusedLocalVariable
Since: 0.2
Detects when a local variable is declared and/or assigned, but not used.
Example
class Foo {
public function doSomething()
{
$i = 5; // Unused
}
}Source https://phpmd.org/rules/unusedcode.html#unusedlocalvariable
Avoid unused local variables such as '$id'. Open
Open
$_SESSION['sessionConfID'] = $id;- Read upRead up
- Exclude checks
UnusedLocalVariable
Since: 0.2
Detects when a local variable is declared and/or assigned, but not used.
Example
class Foo {
public function doSomething()
{
$i = 5; // Unused
}
}Source https://phpmd.org/rules/unusedcode.html#unusedlocalvariable
Avoid unused local variables such as '$result'. Open
Open
$result = $db->query($sql);- Read upRead up
- Exclude checks
UnusedLocalVariable
Since: 0.2
Detects when a local variable is declared and/or assigned, but not used.
Example
class Foo {
public function doSomething()
{
$i = 5; // Unused
}
}Source https://phpmd.org/rules/unusedcode.html#unusedlocalvariable
Avoid unused local variables such as '$continue'. Open
Open
$continue = isset($_SESSION['continue']) ? $_SESSION['continue'] : '';- Read upRead up
- Exclude checks
UnusedLocalVariable
Since: 0.2
Detects when a local variable is declared and/or assigned, but not used.
Example
class Foo {
public function doSomething()
{
$i = 5; // Unused
}
}Source https://phpmd.org/rules/unusedcode.html#unusedlocalvariable
A file should declare new symbols (classes, functions, constants, etc.) and cause no other side effects, or it should execute logic with side effects, but should not do both. The first symbol is defined on line 25 and the first side effect is on line 2. Open
Open
<?php- Exclude checks
Avoid variables with short names like $id. Configured minimum length is 3. Open
Open
$_SESSION['sessionConfID'] = $id;- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}Source https://phpmd.org/rules/naming.html#shortvariable
Avoid variables with short names like $r. Configured minimum length is 3. Open
Open
$r = NULL;- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}Source https://phpmd.org/rules/naming.html#shortvariable
Avoid variables with short names like $op. Configured minimum length is 3. Open
Open
$op = $_POST['logstate'];- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}Source https://phpmd.org/rules/naming.html#shortvariable
TRUE, FALSE and NULL must be lowercase; expected "null" but found "NULL" Open
Open
$r = NULL;- Exclude checks
Blank line found at end of control structure Open
Open
- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
if ($op === 'new') {- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
} else {- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
echo "$what\n";- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
extract($r);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$_SESSION['sessionConfID'] = $id;- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
if(isset($_GET['continue'])){- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
}- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
}- Exclude checks
Inline control structures are not allowed Open
Open
if (strlen($hash) < 20)- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$stmt->close();- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$select = "SELECT * FROM conf_contact_information WHERE email='$email'";- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$r = $query->fetch_assoc();- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
if (!isset($_GET['continue'])) {- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$result = $db->query($sql);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
if (!isset($_SESSION['sessionConfID']) && isset($_POST['logstate']) && ($_POST['logstate'] == 'login')) {- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$hash = $hasher->HashPassword($password);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
unset($hasher);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
($stmt = $db->prepare('select password from conf_contact_information where email=?'));- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
echo "<h3><a href='./logout.php' class='button expand'>Logout</a></h3>";- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$password = addslashes($_POST["password"]);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
//validate operation code- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
}- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
} else {- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
}- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$what = 'User created';- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$what = 'Authentication failed. Please try again.';- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
print_login(1);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$sql = "SELECT * FROM `conf_contact_information`- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
unset($_SESSION['sessionConfID']);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
print_login();- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
if ($hasher->CheckPassword($password, $hash)) {- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
echo "</div>";- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
require_once ('../mysql_access.php');- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$error_message = "";- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$email = addslashes($_POST["email"]);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$hasher = new PasswordHash(8, true);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
if ($op !== 'new' && $op !== 'login'){- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
fail('Failed to hash new password');- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
echo "<meta http-equiv='refresh' content='0;url=\"schedule.php\"'>";- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$stmt->execute();- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
}else {- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
echo(isset($_SESSION['continue']) ? $_SESSION['continue'] : '');- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$op = $_POST['logstate'];- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
}else if (!isset($_SESSION['sessionConfID'])){- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
echo "<div class='large-3 medium-3 small-12 large-centered medium-centered columns'>";- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
session_register('continue');- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$_SESSION['continue'] = $_GET['continue'];}- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
else {- Exclude checks
Inline control structures are not allowed Open
Open
if (!$stmt->fetch() && $db->errno);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
process_login();- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
if (strlen($hash) < 20)- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
unset($hasher);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$query = $db->query($select) or die("Unable to get data. $db->error");- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$continue = isset($_SESSION['continue']) ? $_SESSION['continue'] : '';- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
}- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
if (!$stmt->fetch() && $db->errno);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$r = NULL;- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$hash = '*'; // In case the user is not found- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
if (!$r) {- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$stmt->bind_param('s', $email);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$stmt->bind_result($hash);- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
$what = 'Authentication succeeded';- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
}- Exclude checks
Spaces must be used to indent lines; tabs are not allowed Open
Open
fail('Unknown request');}- Exclude checks
Space before opening parenthesis of function call prohibited Open
Open
require_once ('../mysql_access.php');- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
Open
if (strlen($hash) < 20)- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
Open
$hash = $hasher->HashPassword($password);- Exclude checks
Space before opening parenthesis of function call prohibited Open
Open
require_once ('../PasswordHash.php');- Exclude checks
Expected 1 space after closing parenthesis; found 0 Open
Open
if(isset($_GET['continue'])){- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
Open
$_SESSION['sessionConfID'] = $id;- Exclude checks
Line indented incorrectly; expected 0 spaces, found 4 Open
Open
if (!isset($_SESSION['sessionConfID']) && isset($_POST['logstate']) && ($_POST['logstate'] == 'login')) {- Exclude checks
Expected 1 space after closing brace; 0 found Open
Open
}else if (!isset($_SESSION['sessionConfID'])){- Exclude checks
Closing brace must be on a line by itself Open
Open
$_SESSION['continue'] = $_GET['continue'];}- Exclude checks
Closing brace must be on a line by itself Open
Open
fail('Unknown request');}- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
Open
$what = 'User created';- Exclude checks
Line indented incorrectly; expected at least 4 spaces, found 0 Open
Open
echo <<<END- Exclude checks
Expected 1 space after closing parenthesis; found 0 Open
Open
if ($op !== 'new' && $op !== 'login'){- Exclude checks
Opening brace should be on a new line Open
Open
function print_login(){- Exclude checks
Opening brace should be on a new line Open
Open
function process_login(){- Exclude checks
Line indented incorrectly; expected 0 spaces, found 4 Open
Open
}else {- Exclude checks
Expected 1 space after closing brace; 0 found Open
Open
}else {- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
Open
$sql = "SELECT * FROM `conf_contact_information`- Exclude checks
Opening brace should be on a new line Open
Open
function logout(){- Exclude checks
Usage of ELSE IF is discouraged; use ELSEIF instead Open
Open
}else if (!isset($_SESSION['sessionConfID'])){- Exclude checks
Expected 1 space after closing parenthesis; found 0 Open
Open
}else if (!isset($_SESSION['sessionConfID'])){- Exclude checks
Space before opening parenthesis of function call prohibited Open
Open
require_once ('session.php');- Exclude checks
Expected 1 space after IF keyword; 0 found Open
Open
if(isset($_GET['continue'])){- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
Open
unset($hasher);- Exclude checks
Line indented incorrectly; expected 0 spaces, found 4 Open
Open
}else if (!isset($_SESSION['sessionConfID'])){- Exclude checks
Line indented incorrectly; expected 0 spaces, found 4 Open
Open
}- Exclude checks
Expected 1 space after closing brace; newline found Open
Open
}- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
Open
extract($r);- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
Open
$result = $db->query($sql);- Exclude checks
The variable $error_message is not named in camelCase. Open
Open
function print_login(){
$error_message = "";
if (!isset($_GET['continue'])) {
}
if(isset($_GET['continue'])){- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}